<?php
define('IN_TG','photo_add_img');
define('IN_JS','photo_add_img');
define('SCRIPT','photo_add_img');
require("includes/common.inc.php");
session_start();
require('header.php');
//登录状态

_check_login("photo_add_img.php?id={$_GET['id']}");
if(isset($_GET['id']))
{
	$sql="select tg_dir from tg_dir where tg_id={$_GET['id']}";
	$reres =_query($sql);
	$row = _fetch_array_list($reres);
}
if(isset($_GET['action']))
{
	if($_GET['action']=='addimg')
	{
		if(!empty($_POST)) {
			include ROOT_PATH.'includes/check.func.php';
			$_img['name'] = _check_dir_name($_POST['name'],2,20);
			$_img['content'] = _check_post_content($_POST['content'],10);
			$_img['url'] = _check_photo_url($_POST['url']);
			$_img['username'] = $_SESSION['username'];
			$_img['sid'] = $_POST['sid'];
			$sql="insert into tg_photo(tg_name,tg_url,tg_content,tg_sid,tg_username,tg_date) VALUES ('{$_img['name']}','{$_img['url']}','{$_img['content']}',{$_img['sid'] },'{$_img['username'] }',now())";
			echo $sql;
			$res = _query($sql);
			if($res){
				_close();
				header('location:photo_show.php?id='.$_img['sid']);
			} else {
				_close();
				_alert_back('添加图片失败！');
			}
		}	
	}
}

?>
<div id="photo">
	<h2>上传图片</h2>
	<form method="post" name="up" action="?action=addimg&id=<?php echo $_GET['id'];?>" enctype="multipart/form-data">
		<input type="hidden" name="sid" value="<?php echo isset($_GET['id'])?$_GET['id']:0;?>" />
		<input type="hidden" name="back_url" value="<?php echo $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'];?>"/>
	<dl>
		<dd>图片名称：<input type="text" name="name" class="text" /></dd>
		<dd>图片地址：<input type="text" name="url" id="url" readonly="readonly" class="text" /> <a href="javascript:;" title="<?php echo $row['tg_dir']?>" id="up">上传</a></dd>
		<dd>图片描述：<textarea name="content"></textarea></dd>
		<dd><input type="submit" class="submit" value="添加图片" /></dd>
	</dl>
	</form>
</div>

<?php
require('includes/footer.inc.php');
?>
